﻿using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

namespace HRdex_Final
{
    public partial class Login : System.Web.UI.Page
    {
        DataTable dtbl = new DataTable("dtbl");
        SqlConnection conn = new SqlConnection("Data Source=.\\SQLEXPRESS;AttachDbFilename=|DataDirectory|\\HRdexDB.mdf;Integrated Security=True;User Instance=True");
 

        protected void Page_Load(object sender, EventArgs e)
        {
            txtEmailFP.Visible = false;
            txtUsernameFP.Visible = false;
            btnSubmitFP.Visible = false;
            lblFP.Visible = false;
            lblemail.Visible = false;
            lbluname.Visible = false;
            LinkButton2.Visible = false;
            
        }
        string SessionID()
        {
            return Session["EmployeeID"].ToString();
        }
        protected void mainLogin_Authenticate(object sender, AuthenticateEventArgs e)
        {
            try
            {
                string uname = mainLogin.UserName.Trim(); //Get the username from the control
                string password = mainLogin.Password.Trim(); //get the Password from the control
                bool flag = AuthenticateUser(uname, password);
                if (flag == true)
                {
                    //e.Authenticated = true;

                    //if (Login1.Password == dtbl.Rows[0].ItemArray[0].ToString())
                    //{

                    SqlDataAdapter adapt = new SqlDataAdapter("SELECT formEmployees.EmployeeID, formEmployees.Password, catUserLevel.catUserLevelName FROM formEmployees INNER JOIN  catUserLevel ON formEmployees.UserLevelID = catUserLevel.UserLevelID WHERE (formEmployees.EmployeeID = " + mainLogin.UserName + ")", conn);
                    adapt.Fill(dtbl);

                    Session["EmployeeID"] = mainLogin.UserName;

                    if (dtbl.Rows[0].ItemArray[2].ToString() == "Employee" || dtbl.Rows[0].ItemArray[2].ToString() == "Faculty")
                    {
                        Server.Transfer("~/Home/HomeContent.aspx");
                        //ADD controls = disable here 
                    }
                    else if (dtbl.Rows[0].ItemArray[2].ToString() == "SubAdmin")
                    {
                        Server.Transfer("~/Home/HomeContent.aspx");
                        //ADD controls = disable here 
                    }
                    else
                    {
                        //ADMIN to ah
                        Server.Transfer("~/Home/HomeContent.aspx");
                        //ADD controls = disable here 
                    }
                }
                else
                    e.Authenticated = false;
            }
            catch (Exception)
            {
                e.Authenticated = false;
            }
        }


        private bool AuthenticateUser(string uname, string password)
        {
            bool bflag = false;
            string connString = "Data Source=.\\SQLEXPRESS;AttachDbFilename=|DataDirectory|\\HRdexDB.mdf;Integrated Security=True;User Instance=True";
            string strSQL = "select * from formEmployees where EmployeeID ='" + uname + "' AND Password ='" + password + "'";
            DataSet DS = new DataSet();
            SqlConnection conn;
            SqlDataAdapter dataAdapter;
            //SqlCommand m_Command;
            try
            {
                conn = new SqlConnection(connString);
                conn.Open();
                dataAdapter = new SqlDataAdapter(strSQL, conn);
                dataAdapter.Fill(DS);
                conn.Close();
            }
            catch (Exception)
            {
                DS = null;
            }

            if (DS != null)
            {
                if (DS.Tables[0].Rows.Count > 0)
                    bflag = true;
            }
            return bflag;
        }

        protected void btnSubmitFP_Click(object sender, EventArgs e)
        {

            SqlDataAdapter da = new SqlDataAdapter("SELECT Email from formEmployees WHERE EmployeeID = " + txtUsernameFP.Text, conn);
            DataTable datbl = new DataTable();
            da.Fill(datbl);
            if (datbl.Rows[0][0].ToString()==txtEmailFP.Text)
            {
                SqlCommand cmd = new SqlCommand("UPDATE formEmployees SET Password = 'adu' WHERE EmployeeID = " + txtUsernameFP.Text, conn);
                conn.Open();
                int chk = cmd.ExecuteNonQuery();
                conn.Close();
                if (chk > 0)
                {
                    lblFP.Visible = true;
                    lblFP.Text = "Your Password has been reset to 'adu'. Please change your password after login.";
                    LinkButton2.Visible = true;
                }

            }
            else
            {
                lblFP.Visible = true;
                lblFP.Text = "Invalid Email";
            }

            
        }

        protected void LinkButton1_Click(object sender, EventArgs e)
        {
            
            
                mainLogin.Visible = false;
                txtEmailFP.Visible = true;
                txtUsernameFP.Visible = true;
                btnSubmitFP.Visible = true;
                lblFP.Visible = true;
                lblemail.Visible = true;
                lbluname.Visible = true;
                LinkButton1.Visible = false;
           
            
        }

        protected void LinkButton2_Click(object sender, EventArgs e)
        {
            mainLogin.Visible = true;
            txtEmailFP.Visible = false;
            txtUsernameFP.Visible = false;
            btnSubmitFP.Visible = false;
            lblFP.Visible = false;
            lblemail.Visible = false;
            lbluname.Visible = false;
        }
    }
}